Oracle Cloud Infrastructure – Identity Service Vulnerability – Verify your Accounts NOW!

Today I was called by an allied sales from Oracle Switzerland (thanks Andreas). The main contact of the OCI tenant got an email in case of an identity service vulnerability in the past days. As I am not the main contact but the technical admin, I asked the tenant contact. An indeed, there was a mail arrived at 14th of June which was not forwarded to me. Oracle Security Notification for Oracle Cloud Infrastructure (OCI) Identity Service vulnerability CVE-2022-21503 (Doc ID 2861245.1) As a result of this vulnerability, administrators and their designees with read-access to the OCI audit-records in your tenancy could have viewed some credentials in clear text. These administrators and their designees could have used such credentials to…

Read More

Oracle Cloud Infrastructure OS Management – A small Update Script

This happens when not reading the docs until the end. I was searching for an automated OS Management patch job to patch my Oracle Cloud Infrastructure compute instances. Thanks on Twitter to @svilmune, @dhoogfr and @patrickjoss, who show me the menu in the OCI GUI and yes, there is a scheduler. In the meantime, I wrote a small bash script based on the OCI-CLI and instance principals. Credits to Iterating OCI CLI list data in bash (apextips.blogspot.com). Script #!/bin/bash set -e # set compartment comp=ocid1.compartment.oc1..aaaaaaaaoqti273775l2ye4xv4yqi35bcon3o4qb64yqfaxyj2jdagnvtsja # start check echo “” echo “———————————————————————————” echo “OCI OS Management Update Check $(date)” echo “———————————————————————————” #list OSMS registered instances managedinstanceList=$(oci os-management managed-instance list -c $comp –auth instance_principal) for i in $(echo “$managedinstanceList” | jq…

Read More

Oracle Cloud Infrastructure Quick Tip – Use the Bastion Service with MobaXterm

Mobatek’s MobaXterm is my favorite terminal for the daily work. It supports a lot of protocols like SSH, RDP, VNC, integrates X11 and SFTP and many more. And, MobaXterm can be used to connect to your OCI compute instance by the Oracle Cloud Infrastructure Bastion Service and the Managed SSH Session feature. Prerequisites OCI Compute Instance running in a private subnet OCI Bastion plugin enabled on Compute Instance – be patient when you enable it for the first time and fulfill the requirements for the agent The VCN has a Service Gateway attached The Subnet allows network connection from the Bastion Service private endpoint IP address – See Allowing Network Access From the Bastion (oracle.com) Link: Oracle Cloud Infrastructure Documentation…

Read More

Oracle Database Appliance – let’s backup to the Oracle Cloud Infrastructure Object Storage

This blog post describes the setup for an Oracle Database Appliance ODA database backup by RMAN to the Oracle Cloud Infrastructure. Basically there are three destinations for backup and recovery possible: • Oracle Fast Recovery Area (FRA) disk – the Internal FRA • Network File System (NFS) location – external FRA • Oracle Cloud Infrastructure Object Storage – Oracle Object Storage When using backup to the Oracle Cloud Infrastructure Object Storage, the Oracle Database Backup Cloud Service module (opc_installer.jar) is configured in the background. A configuration can be created by the ODA browser interface or by command line tool odacli – what I prefer. When you have already worked with the Oracle Database Backup Service and the OPC module, the…

Read More

Oracle 11g – let’s move that old Stuff to the Oracle Cloud

This blog post describes the lift and shift of an on-prem Oracle 11g Enterprise Edition to Oracle Cloud Infrastructure by using Oracle RMAN paired with OCI Object Storage. Works for other versions > Oracle 11g / Enterprise Edition too (the tablespace encryption method may change). Architecture Q&A What’s the motivation of the lift and shift of a good old on-prem Oracle 11g database to Oracle Database Service? Hardware runs out of lifecycle Out scoping of an on-prem database which is only used for several times to compare old data Regulatory, for example we have the keep and access the data for 10 yrs Changing from on-prem licenses to the license included model Upgrade tests for 19c and convert to Multitenancy…

Read More